Services Oriented Architecture: What it Means to the Server Room

The subject of Service Oriented Architecture (SOA) gets a lot of ink these days. It has replaced from Web services as the buzz word du jour. And like Web services, SOA can be quite a concept to wrap one's wits around.

Despite being the buzz word du jour, service oriented architectures are on their way to being mainstream. Systems administrators and other data center staff will feel the impact as the equipment they manage is swept up in the tide.

So is SOA just something mainly concerning IT strategist, top management or the programming boys? John Burke, an analyst at New York City based Nemertes Research believes otherwise. He sees it as having a major impact on systems administrators and other data center staff members.

"The shift to a componentized, SOA world will have significant effects on how servers are provisioned and managed, especially by breaking down even further the association between particular servers and particular applications," says Burke. "Server managers are aware of this, even if it is not currently affecting them, and even if they don't expect it to in the near term."

SOA Confusing

Before discussing that impact further, it is vital to achieve an understanding of what SOA is. according to Gene Leganza, an analyst at Forrester Research of Cambridge, Mass., "SOA is a style of design, deployment and management of applications and software infrastructure in which applications are organized into business services that are network accessible."

He expands that definition by saying service interface definitions and quality of service characteristics are explicitly defined. Further, services are well-cataloged and discoverable by development tools and management tools, and protocols are mainly based on Web services.

Leganza compares traditional applications to their SOA cousins. The former are designed to last, whereas the latter are designed to change. Traditional apps are tightly coupled compared to loose coupled SOA alternatives. The result is a move away from integrated silos of information to a more flexible architecture built on services, and more interactive, iterative development.

Explanations such as those given above, of course, might convince some systems administrators that SOA is either programming gobbledygook or a software-centric subject that has little to do with managing a server room. Having a closed mind about such matters, however, may not be a wise long-term career move.

"SOA's value to systems managers is best summed up in three words: flexibility, control, and availability," says Burke.

He explains that in an SOA-based data center, the delivery of IT services to the business is based on combining lots of individual components that do small jobs and aren't tightly tied to each other. That means they can run on the same server, or different servers in the same data center or even in different data centers. Since those small components can run anywhere, they can be shifted from server to server independent of what happens to the other components they work with. Components can be run on as many nodes as are needed to meet demand for their services, so you can tailor resources to loads in a much finer-grained fashion. You might be able to run a thousand components on a 1U quad Opteron box, for example, or have a component so heavily used you devote four similar boxes just to it.

"You can mix and match which components run on which servers (or virtual servers) and even in which data centers in order to manage server loads, application and network performance," says Burke. "You can also provide for availability even in the midst of server failures and data center disasters."

Adoption Rates

Like many buzzwords, the enthusiasm of analysts and vendors generally runs well ahead of actual enterprise adoption. So to what to degree are SOAs being deployed?

According to Forrester, 53 percent of the Global 2000 cite SOA adoption as a priority in 2007. About 37 percent are actively employing SOA. The analyst firm cites improved business and application flexibility as the main drivers.

IT management consultancy Freeform Dynamics in the Untied Kingdom agrees with Forrester's 2007 prediction. But it pegs the adoption pace lower  between 15 percent and 20 percent of larger organizations.

"The center of gravity for SOA right now is definitely the architect community, which is clearly bleeding into the development and operations parts of the organization, as well as rising up the management hierarchy," says Dale Vile, an analyst at Freeform Dynamics. "SOA means different things to different people  to ops guys it is about having more control to tune and optimize the way in which applications run."

He notes that some are skeptical at the moment and don't see the point. He urges them, however, to think back to the evolution of earlier concepts, such as network-based application architectures, object-orientated design or Web-architected applications. These things were initially met with indifference or doubt in many quarters. But as new applications brought into the organization incorporated them, they eventually permeated every IT department and business, whether they made an explicit decision to adopt or not.

"This is exactly what will happen with SOA and in three years time, no one will think of it as special at all," says Vile. "SOA is completely unstoppable because it is such a no-brainer, and the ISV community will make it happen."

Burke concurs. He expects to see a dramatic increase in the number of real production systems developed and deployed as parts of a Web services based SOA in the next two to three years.

"We're hearing about SOA most from large enterprises that have lots of internal application development  especially those for whom IT is used strategically to provide competitive advantage," says Burke. "These companies want their development efforts to be nimbler, and to produce usable new applications more quickly."

Achilles Heel

SOA may have one major Achilles heel  security. As it is built on open standards, SOA may well expose data and software to a wider audience  perhaps too wide. And this could compromise security efforts, particularly in those organizations involved in Sarbanes Oxley and other compliance initiatives. Such companies, therefore, must evaluate the risks as part of their SOA planning process.

"Looming over all of this is the question of securing SOA without crippling it," says Burke. "SOA will change the way managers have to think about which servers will talk to which, how and when."